This article examines key privacy and data protection concerns raised by the Regulations that establish a framework for interoperability between EU-wide centralized information systems processing personal data of third-country nationals (Schengen Information System II, Visa Information System, Eurodac, Entry/Exit System, European Travel Information and Authorization System, European Criminal Records Information System for third-country nationals). After a concise outline of the complex landscape within which these databases have been set up, emphasis is placed on the novelties and challenges that interoperability brings forward. In that regard, the articles evaluates the setting up of new databases, particularly the Biometric Matching Service and the Common Identity Repository – viewed through the Panopticon lens – the maximization of uses for which personal data may be destined, the revised rules on consultation of databases for law enforcement purposes, the challenge of ensuring data quality and the exercise of individual rights.